Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 1 of 57 PageID #:1696
`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 1 of 57 PageID #:1696
`
`EXHIBIT 1
`EXHIBIT 1
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 2 of 57 PageID #:1697
`
`IN THE UNITED STATES DISTRICT COURT
`FOR THE NORTHERN DISTRICT OF ILLINOIS
`EASTERN DIVISION
`
`
`
`Civil Action File No.: 1:21-cv-00135
`
`Judge Sharon Johnson Coleman
`
`Magistrate Judge Maria Valdez
`
`JURY TRIAL DEMANDED
`
`
`
`
`
`In re Clearview AI, Inc. Consumer Privacy
`Litigation
`
`
`
`
`FIRST AMENDED CONSOLIDATED CLASS ACTION COMPLAINT
`
`Plaintiffs David Mutnick, Steven Vance, Mario Calderon, Jennifer Rocio, Anthony Hall,
`
`Isela Carmean, Shelby Zelonis Roberson, Andrea Vestrand and Aaron Hurvitz (collectively,
`
`“Plaintiffs”), individually and on behalf of all others similarly situated (“Plaintiff Class
`
`Members”), bring this Consolidated Class Action Complaint against the following: (a) Clearview
`
`AI, Inc. (“Clearview”); (b) Hoan Ton-That; (c) Richard Schwartz; (d) Rocky Mountain Data
`
`Analytics LLC (“Rocky Mountain”); (e) Thomas Mulcaire; and (f) Macy’s, Inc. (“Macy’s”),
`
`individually and on behalf of a defendant class comprised of all other private, non-governmental
`
`entities similarly situated to Macy’s (hereinafter, “Defendant Class Members”) (all Defendants
`
`collectively “Defendants”). Plaintiffs complain and allege as follows based on personal knowledge
`
`as to themselves, the investigation of their counsel, and information and belief as to all other
`
`matters, and demand a trial by jury.
`
`NATURE OF THE ACTION
`
`Without providing any notice and without obtaining any consent, Defendants
`
`
`
`1.
`
`Clearview, Ton-That and Schwartz (collectively, the “Clearview Defendants”) covertly scraped
`
`three billion photographs of facial images from the internet – including facial images of millions
`
`of American residents and then used artificial intelligence algorithms to scan the face geometry of
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 3 of 57 PageID #:1698
`
`
`
`each individual depicted in the photographs in order to harvest the individuals’ unique biometric
`
`identifiers1 and corresponding biometric information2 (collectively, “Biometrics”). Further, the
`
`Clearview Defendants created a searchable biometric database (the “Biometric Database”) that
`
`contained the above-described Biometrics and allowed users of the Database to identify unknown
`
`individuals merely by uploading a photograph to the database.
`
`2.
`
`The Clearview Defendants did not develop their technology out of a desire for a
`
`safer society. Rather, they developed their technology to invade the privacy of the American public
`
`for their own profit.
`
`3.
`
`While the Clearview Defendants have touted their actions and the Biometric
`
`Database as being helpful to law enforcement and other government agencies, the Clearview
`
`Defendants have made their Biometric Database available to public and private entities and
`
`persons, alike. What the Clearview Defendants’ technology really offers is a massive surveillance
`
`state. Anyone utilizing the technology could determine the identities of people as they walk down
`
`the street, attend a political rally or enjoy time in public with their families. One of Clearview’s
`
`financial backers has conceded that Clearview may be laying the groundwork for a “dystopian
`
`future.”
`
`4.
`
`Accordingly, Plaintiffs, on behalf of themselves and similarly situated individuals,
`
`bring this action for damages and other legal and equitable remedies resulting from the actions of
`
`the Clearview Defendants, Macy’s and all other private entities similarly situated to Macy’s, and
`
`the other Defendants for their unlawful creation and/or use of the Biometric Database consisting
`
`of the Biometrics of millions of American residents, including residents of Illinois, California,
`
`
`1 As used herein, “biometric identifier” is any personal feature that is unique to an individual, including
`fingerprints, iris scans, DNA and “face geometry,” among others.
`2 As used, “biometric information” is any information captured, converted, stored, or shared based on a
`person’s biometric identifier used to identify an individual.
`
`
`
`2
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 4 of 57 PageID #:1699
`
`
`
`New York and Virginia. As alleged below, Defendants’ conduct violated, and continues to violate,
`
`Illinois’ Biometric Information Privacy Act (“BIPA”), 740 ILCS 14/1, et seq., as well as other
`
`state constitutional, statutory and common laws, causing injury to Plaintiffs and Plaintiff Class
`
`Members
`
`PARTIES
`
`5.
`
`Plaintiff David Mutnick is, and at relevant times has been, a resident of Illinois,
`
`residing in the Northern District of Illinois.
`
`5.6.
`
`Plaintiff Steven Vance is, and at relevant times has been, a resident of Illinois,
`
`residing in the Northern District of Illinois.
`
`6.7.
`
`Plaintiff Mario Calderon is, and at relevant times has been, a resident of Illinois,
`
`residing in the Northern District of Illinois.
`
`7.8.
`
`Plaintiff Jennifer Rocio is, and at relevant times has been, a resident of Illinois,
`
`residing in the Northern District of Illinois.
`
`8.9.
`
`Plaintiff Anthony Hall is, and at relevant times has been, a resident of Illinois,
`
`residing in the Northern District of Illinois.
`
`9.10. Plaintiff Isela Carmean is, and at relevant times has been, a resident of Illinois
`
`residing in the Northern District of Illinois.
`
`10.11. Plaintiff Shelby Zelonis Roberson is, and at relevant times has been, a resident of
`
`Virginia.
`
`11.12. Plaintiff Andrea Vestrand is, and at relevant times has been, a resident of California.
`
`12.13. Plaintiff Aaron Hurvitz is, and at relevant times has been, a resident of New York.
`
`13.14. Defendant Clearview AI, Inc. is a private, for-profit Delaware corporation,
`
`headquartered in New York, New York (Defendant and its predecessors, hereinafter “Clearview”).
`
`
`
`3
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 5 of 57 PageID #:1700
`
`
`
`Clearview markets its technology throughout the United States, including in Illinois. Moreover,
`
`Clearview obtains the images that underlie its technology from millions of internet-based
`
`platforms and websites, including, on information and belief, based on the magnitude of platforms
`
`and websites involved, platforms and websites of Illinois companies or companies who operate
`
`servers in Illinois. Clearview’s business and unlawful practices extend nationwide, and it has
`
`disclosed the Biometrics of unsuspecting individuals to its clients around the country. Clearview
`
`continues to engage in this conduct to this day.
`
`14.15. Defendant Hoan Ton-That is a founder and the Chief Executive Officer of
`
`Clearview and an architect of its illegal scheme, as alleged herein. Ton-That’s responsibilities at
`
`Clearview included, and continue to include, managing technology matters. At relevant times,
`
`Ton-That knew of, participated in, consented to, approved, authorized and directed the wrongful
`
`acts alleged in this Consolidated Class Action Complaint.
`
`15.16. Defendant Richard Schwartz is a founder and the President of Clearview and an
`
`architect of its illegal scheme. Schwartz’s responsibilities at Clearview included, and continue to
`
`include, managing sales. Schwartz knew of, participated in, consented to, approved, authorized,
`
`and directed the wrongful acts alleged in this Consolidated Class Action Complaint.
`
`16.17. At relevant times, Defendant Thomas Mulcaire was an attorney, Clearview’s
`
`General Counsel and the Vice President of Defendant Rocky Mountain. Mulcaire provided Rocky
`
`Mountain’s sole customer – the Illinois Secretary of State – with his personal information in order
`
`to be paid directly for work performed by Rocky Mountain.
`
`17.18. Defendant Rocky Mountain Data Analytics LLC is a private, for-profit New
`
`Mexico limited liability company with its principal place of business in New Mexico. At relevant
`
`times, Rocky Mountain had a single client – the Illinois Secretary of State. Rocky Mountain
`
`
`
`4
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 6 of 57 PageID #:1701
`
`
`
`provided the Illinois Secretary of State with access to the Biometric Database and the Biometrics
`
`contained therein. – to which it provided the Biometric Database.
`
`18.19. Defendant Macy’s, Inc. Retail Holdings, Inc. (“Macy’s”) is a Delaware
`
`corporation, doing business in Illinois, with twenty-one department stores in that state.
`
`JURISDICTION AND VENUE
`
`19.20. This Court has original jurisdiction over this controversy pursuant to 28 U.S.C.
`
`§ 1332(d) because there are more than 100 Plaintiff Class Members and the aggregate amount in
`
`controversy exceeds $5,000,000.00, exclusive of interest, fees, and costs, and at least one class
`
`member is a citizen of a state different from one of the Defendants. The Court has supplemental
`
`jurisdiction over all of the state law claims pursuant to 28 U.S.C. § 1367.
`
`20.21. This Court has personal jurisdiction over the Clearview Defendants because their
`
`contacts with Illinois are directly related to the conduct alleged herein. As set forth in the Court’s
`
`order in Mutnick v. Clearview AI, Inc., No. 1:20-cv-512 (N.D. Ill) (Dkt. 86):
`
`Ton-That and Schwartz founded Clearview in 2017. Ton-That and Schwartz have
`high-ranking positions in management and operations at Clearview. More
`specifically, Ton-That is Clearview’s CEO and is responsible for managing
`Clearview’s technological matters. Schwartz is Clearview’s president managing
`Clearview’s sales. Schwartz and Ton-That have contributed significant resources
`to Clearview’s operations. Schwartz, for example, has paid for the servers and other
`costs necessary to carry out Clearview’s scraping and scanning operations.
`
`As Clearview’s principals, Schwartz and Ton-That have executed hundreds of
`agreements on behalf of Clearview with numerous Illinois law enforcement and
`other government agencies, as well as private entities in Illinois, to provide access
`to its facial recognition database. Through these agreements, defendants have sold,
`disclosed, obtained, and profited from the biometric identifiers of Illinois citizens.
`Some the entities to whom Clearview sold biometric information include the
`Chicago, Rockford, and Naperville police departments. Also, Clearview marketed
`its licenses (user accounts) for its facial recognition database to the Illinois
`Secretary of State and negotiated a contract with the Secretary of State via a series
`of emails, mail, and phone calls. As to Clearview’s price quote to the Secretary of
`State, set forth in a letter dated October 1, 2019, Clearview directed payments to be
`
`
`
`5
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 7 of 57 PageID #:1702
`
`
`
`sent to Clearview AI/Attn: Richard Schwartz at Schwartz’s residence in New York
`City.
`
`Plaintiffs further maintain that defendants purposely directed their “illegal
`harvesting” at the State of Illinois. To clarify, the images contained in the facial
`recognition databases sold to Illinois entities were uploaded and created using
`internet-based platforms and websites from companies in Illinois or companies who
`operate servers in Illinois. Simply put, defendants took biometric information from
`Illinois residents, created a surveillance database, and then marketed and sold
`licenses to use this database to entities in Illinois. As a result, plaintiffs’ privacy
`rights were violated.
`
`21.22. This Court has personal jurisdiction over Rocky Mountain and Mulcaire because
`
`their contacts with Illinois are directly related to the conduct alleged herein. According to
`
`Mulcaire’s May 23, 2020 sworn declaration: (a) Rocky Mountain “is a special purpose entity that
`
`was used for the purpose of contracting with the Illinois Secretary of State”; (b) “[a]lthough [Rocky
`
`Mountain] did submit a quote to the Chicago Police Department, other than the transaction with
`
`the Illinois Secretary of State, [Rocky Mountain] has not engaged in any other transactions related
`
`to Clearview’s [biometric] database since its formation, and is not currently engaged in efforts to
`
`market or contract with parties for access to Clearview’s database”; and (c) Rocky Mountain “has
`
`no employees, assets or products separate from those of Clearview . . . .” The Biometric Database
`
`that Rocky Mountain offered and provided to the Illinois Secretary of State was the same Biometric
`
`Database created by Clearview, with the same connection to Illinois as alleged in the preceding
`
`paragraph. At relevant times, Mulcaire was Rocky Mountain’s Vice President and directly
`
`corresponded with the Illinois Secretary of State in connection with Rocky Mountain’s efforts to
`
`obtain the Illinois Secretary of State’s business. According to the Illinois Secretary of State’s
`
`records, the “Vendor/Payee Name” for the entity providing the Biometric Database was “Thomas
`
`Mulcaire” and the “Vendor Name2/DBA” was “Rocky Mtn Data Analytics LLC.” Further,
`
`according to publicly-available information from the Illinois Comptroller’s Office, Thomas
`
`
`
`6
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 8 of 57 PageID #:1703
`
`
`
`Mulcaire was paid $5,000 in 2020, the amount invoiced by Rocky Mountain.
`
`22.23. The Court has personal jurisdiction over Macy’s because its contacts with Illinois
`
`are directly related to the conduct alleged herein. At relevant times, Macy’s operated twenty-one
`
`retail stores in Illinois. On information and belief, Macy’s obtained access to the Biometric
`
`Database and the Biometrics contained therein in order to identify people whose images appeared
`
`in surveillance camera footage from Macy’s retail stores, including its retail stores in Illinois.
`
`Macy’s utilized the Biometric Database over 6,000 times, each time uploading a probe image to
`
`the database to have the database search the Biometrics contained therein, including the Biometrics
`
`of millions of Illinois residents, for a biometric match. On information and belief, based on the
`
`magnitude of the number of searches, Macy’s uploaded one or more probe images from
`
`surveillance cameras located in Illinois.
`
`23.24. Venue is proper in this District pursuant to 28 U.S.C. § 1391(b)(2) because, as
`
`alleged above, a substantial part of the acts or omissions giving rise to Plaintiffs’ claims occurred
`
`in Illinois. Alternatively, venue is proper pursuant to 28 U.S.C. § 1391(b)(3) because the Court has
`
`personal jurisdiction over Defendants. Additionally, venue is proper pursuant to 28 U.S.C. §
`
`1407(a) and the Order of the United States Judicial Panel on Multidistrict Litigation transferring
`
`this multidistrict litigation to this Court.
`
`FACTUAL ALLEGATIONS
`
`Biometric Identifiers
`
`24.25. Every individual has unique features by which he or she can be identified using a
`
`set of standard quantitative measurements, commonly referred to as “biometric identifiers.”
`
`25.26. For example, the shape of and distance between tiny ridges on each person’s finger
`
`are unique, so measures of those features can be used to identify a specific individual as the person
`
`
`
`7
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 9 of 57 PageID #:1704
`
`
`
`who made a fingerprint.
`
`26.27. Each person also has a unique facial geometry composed of, among other
`
`measurements, distances between key facial landmarks and ratios between those distances.
`
`27.28. Once a picture of a person’s face is scanned and its biometric measurements are
`
`captured, computers can store that information and use it to identify that individual any other time
`
`that person’s face appears on the internet, in a scanned picture or in footage from any of the billions
`
`of cameras that are constantly monitoring the public’s daily lives.
`
`28.29. Unlike fingerprints, facial biometrics are readily observable and, thus, present a
`
`grave and immediate danger to privacy, individual autonomy, and liberty.
`
`The Clearview Defendants’ Unlawful Biometric Database
`
`29.30. The Clearview Defendants have collected, captured and obtained Biometrics from
`
`more than three billion images they covertly scraped from the internet – including, on information
`
`and belief, the Biometrics of Plaintiffs and Class Members – which they have amassed into the
`
`searchable Biometric Database.
`
`30.31. Additionally, the Clearview Defendants have distributed, disseminated, sold,
`
`traded, leased and otherwise profited from the Biometrics they unlawfully collected, captured and
`
`obtained.
`
`31.32. To date, the Clearview Defendants have sold unfettered access to their vast
`
`Biometric Database to more than 7,000 individuals from approximately 2,000 law enforcement
`
`and government agencies, including the Chicago Police Department and the Illinois Secretary of
`
`State.
`
`32.33. Moreover, the Clearview Defendants have sold unfettered access to the Biometric
`
`Database to more than 200 private companies, including Macy’s and Defendant Class Members.
`
`
`
`8
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 10 of 57 PageID #:1705
`
`
`
`Those private entities in turn frequently queried the Biometric Database for their own business
`
`purposes, including to identify particular individuals appearing in photographs or videos in their
`
`possession. Each time one of Clearview’s private clients queried the Biometric Database, the
`
`Clearview Defendants’ algorithms compared the facial geometry of the subject appearing in a
`
`chosen photograph or video against the facial geometry of each of the hundreds of millions of
`
`subjects appearing in the database, including the facial geometry of each of the Plaintiffs and
`
`Plaintiff Class Members. Thus, by obtaining access to and querying the Biometric Database,
`
`Macy’s and Defendant Class Members necessarily obtained, accessed and used all of the
`
`Biometrics in that database, including the Biometrics of Plaintiffs and Plaintiff Class Members.
`
`33.34. At relevant times, the Clearview Defendants failed to store and protect from
`
`disclosure the highly sensitive Biometrics in the Biometric Database: (a) using the reasonable
`
`standard of care within Clearview’s industry; and (b) in a manner that was the same or more
`
`protective than the manner in which the Clearview Defendants stored and protected other
`
`confidential and sensitive information. Evidence of the Clearview Defendants’ lax security
`
`practices includes the fact that Clearview’s electronic systems were hacked on at least two
`
`occasions in 2020.
`
`34.35. According to public reports, in one instance, the hackers obtained Clearview’s
`
`customer list. In the other instance, hackers obtained access to a “misconfigured server” that
`
`exposed Clearview’s internal files, apps and source code to anyone on the internet. The
`
`misconfigured server allowed anyone to run Clearview’s software application and access the
`
`Biometric Database that contained the sensitive Biometrics of millions of United States residents,
`
`including Plaintiffs and Plaintiff Class Members.
`
`
`
`
`
`
`
`9
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 11 of 57 PageID #:1706
`
`
`
`The Corporate Fictions
`
`35.36. At relevant times, a unity of interest existed between Clearview and its principals,
`
`Ton-That and Schwartz, that caused the separate personalities of Clearview and those principals
`
`to no longer exist. Moreover, adherence to the fiction of a separate corporate existence would
`
`promote injustice and inequitable consequences.
`
`36.37. From Clearview’s inception, Ton-That and Schwartz undercapitalized Clearview
`
`so that Clearview could not fulfill its obligations – namely, its legal obligations. Ton-That’s and
`
`Schwartz’s undercapitalization was especially egregious given that, as alleged herein, they built
`
`Clearview around an inherently unlawful business model that exposed Clearview to substantial
`
`legal liability at all times. Ton-That’s and Schwartz’s failure to adequately capitalize Clearview
`
`rendered, and continues to render, Clearview a mere liability shield.
`
`37.38. Further, at relevant times, Clearview directed its customers to send payments to
`
`Schwartz’s personal residence. Moreover, Schwartz paid for the servers and other costs necessary
`
`to carry out Clearview’s unlawful scraping and biometric scanning operations.
`
`38.39. Additionally, Ton-That and Schwartz treated Clearview’s Biometric Database as
`
`their own and transferred “ownership” of it as they saw fit. In or about September 2019, Rocky
`
`Mountain was organized and, shortly thereafter, contracted with the Illinois Secretary of State to
`
`provide the Secretary of State with access to the Biometric Database. Rocky Mountain represented
`
`that the Biometric Database was “its proprietary technology” and that Rocky Mountain was the
`
`“sole manufacturer and provider” of the Biometric Database. According to Rocky Mountain,
`
`“there is no other company that offers this product [the Biometric Database] and set of
`
`capabilities.” On information and belief, based on Ton-That’s and Schwartz’s leadership positions
`
`within Clearview and the fact that they were responsible for the creation of the Biometric Database,
`
`
`
`10
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 12 of 57 PageID #:1707
`
`
`
`Ton-That and Schwartz authorized and were directly involved in the creation of Rocky Mountain
`
`and responsible for allowing Rocky Mountain to sell access to the Biometric Database.
`
`39.40. Notably, at relevant times, a unity of interest existed between Rocky Mountain, on
`
`the one hand, and Ton-That, Schwartz and Mulcaire on the other that caused the separate
`
`personalities of Rocky Mountain and Ton-That, Schwartz and Mulcaire to no longer exist.
`
`Moreover, adherence to the fiction of a separate corporate existence would promote injustice and
`
`inequitable consequences.
`
`40.41. Rocky Mountain was, in essence, a corporate shell that Ton-That and Schwartz did
`
`not capitalize at all.
`
`41.42. Further, Ton-That, Schwartz and Mulcaire did not follow corporate formalities with
`
`respect to Rocky Mountain. For instance, Rocky Mountain’s salesperson, in actuality, was a
`
`Clearview employee. On information and belief, Ton-That, Schwartz and Mulcaire authorized and
`
`directed that Clearview salesperson to double as a Rocky Mountain salesperson, all the while
`
`knowing that the salesperson would be paid for all of his work by Clearview. Further, on
`
`information and belief, Ton-That and Schwartz authorized Mulcaire to provide his personal
`
`information to the Illinois Secretary of State, knowing that by doing so the Illinois Secretary of
`
`State would make direct payment to him, not Rocky Mountain. Mulcaire, an attorney, ultimately
`
`provided his personal information to the Illinois Secretary of State, resulting in the Illinois
`
`Secretary of State submitting a voucher to the Illinois Comptroller authorizing payment to
`
`Mulcaire. The Illinois Comptroller ultimately issued a $5,000 payment to Mulcaire.
`
`42.43. Based on the same facts alleged in the preceding paragraphs, Clearview, itself, is
`
`also liable for the acts of Rocky Mountain because: (a) it was Rocky Mountain’s parent; and (b)
`
`had control over and was involved in Rocky Mountain’s misconduct. As alleged, Rocky
`
`
`
`11
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 13 of 57 PageID #:1708
`
`
`
`Mountain’s misconduct can be traced to Clearview, its parent, through the conduct of Ton-That,
`
`Schwartz and Mulcaire who were directly responsible for Rocky Mountain’s activities. Rocky
`
`Mountain’s activities – which including collecting, obtaining, distributing, disseminating, selling,
`
`leasing and profiting from the Biometrics of Plaintiffs and Plaintiff Class Members – resulted in
`
`Rocky Mountain violating the privacy rights of millions of American residents, including residents
`
`of Illinois, California, New York and Virginia. At all times, the injuries caused by Rocky
`
`Mountain’s conduct were foreseeable.
`
`Allegations Related to Plaintiffs
`
`44.
`
`At relevant times, Plaintiff Mutnick uploaded from Illinois to various websites on
`
`the internet photographs taken in Illinois and containing images of his face. Further, at relevant
`
`times, photographs taken in Illinois and containing images of Plaintiff’s face were uploaded by
`
`others to various websites on the internet. In creating the Biometric Database, Clearview searched
`
`millions of websites on the internet for image files. On information and belief, Plaintiff Mutnick’s
`
`Biometrics are contained in the Biometric Database.
`
`43.45. At relevant times, Plaintiff Vance uploaded from Illinois to various websites on the
`
`internet photographs taken in Illinois and containing images of his face. Plaintiff Vance has
`
`uploaded over 18,000 photographs to the internet, many of which contain images of his face. In
`
`creating the Biometric Database, Clearview searched millions of websites on the internet for image
`
`files. On information and belief, Plaintiff Vance’s Biometrics are contained in the Biometric
`
`Database.
`
`44.46. At relevant times, Plaintiff Calderon uploaded from Illinois to various websites on
`
`the internet photographs taken in Illinois and containing images of his face. In creating the
`
`
`
`12
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 14 of 57 PageID #:1709
`
`
`
`Biometric Database, Clearview searched millions of websites on the internet for image files. On
`
`information and belief, Plaintiff Calderon’s Biometrics are contained in the Biometric Database.
`
`45.47. At relevant times, Plaintiff Rocio uploaded from Illinois to various websites on the
`
`internet photographs taken in Illinois and containing images of her face. In creating the Biometric
`
`Database, Clearview searched millions of websites on the internet for image files. On information
`
`and belief, Plaintiff Rocio’s Biometrics are contained in the Biometric Database.
`
`46.48. At relevant times, Plaintiff Hall uploaded from Illinois to various websites on the
`
`internet photographs taken in Illinois and containing images of his face. In creating the Biometric
`
`Database, Clearview searched millions of websites on the internet for image files. On information
`
`and belief, Plaintiff Hall’s Biometrics are contained in the Biometric Database.
`
`47.49. At relevant times, Plaintiff Carmean uploaded from Illinois to various websites on
`
`the internet photographs taken in Illinois and containing images of her face. In creating the
`
`Biometric Database, Clearview searched millions of websites on the internet for image files. On
`
`information and belief, Plaintiff Carmean’s Biometrics are contained in the Biometric Database.
`
`48.50. At relevant times, Plaintiff Roberson uploaded from Virginia to various websites
`
`on the internet photographs taken in Virginia and containing images of her face. In creating the
`
`Biometric Database, Clearview searched millions of websites on the internet for image files. On
`
`information and belief, Plaintiff Roberson’s Biometrics are contained in the Biometric Database.
`
`49.51. At relevant times, Plaintiff Hurvitz uploaded from New York to various websites
`
`on the internet photographs taken in New York and containing images of his face. In creating the
`
`Biometric Database, Clearview searched millions of websites on the internet for image files. On
`
`information and belief, Plaintiff Hurvitz’s Biometrics are contained in the Biometric Database.
`
`
`
`13
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 15 of 57 PageID #:1710
`
`
`
`50.52. At relevant times, Plaintiff Vestrand uploaded from California to various websites
`
`on the internet photographs taken in California and containing images of her face. In creating the
`
`Biometric Database, Clearview searched millions of websites on the internet for image files. On
`
`information and belief, Plaintiff Vestrand’s Biometrics are contained in the Biometric Database.
`
`51.53. After scraping photographs from the internet, the Clearview Defendants, singularly
`
`and/or in concert, performed facial geometric scans of the various faces in the scraped photographs,
`
`including Plaintiffs’ faces, in order to collect, capture and obtain the Biometrics from those faces.
`
`52.54. Additionally, the Clearview Defendants distributed and disseminated the
`
`Biometrics of Plaintiffs and Plaintiff Class Members to Rocky Mountain who, after obtaining the
`
`Biometrics, then redistributed and disseminated them to the Illinois Secretary of State.
`
`53.55. The Clearview Defendants also distributed and disseminated the Biometrics of
`
`Plaintiffs and Plaintiff Class Members to Macy’s and Defendant Class Members who, as alleged
`
`above, purchased access to the Biometric Database and then repeatedly obtained the Biometrics
`
`contained therein in connection with running biometric searches.
`
`54.56. Clearview, Rocky Mountain, Ton-That, Schwartz and Mulcaire profited from the
`
`Biometrics in the Biometric Database, including the Biometrics of Plaintiffs and Plaintiff Class
`
`Members, by selling, leasing and trading them to thousands of governmental and private entities,
`
`as alleged herein.
`
`55.57. Macy’s and Defendant Class Members also profited from the Biometrics in the
`
`Biometric Database, including the Biometrics of Plaintiffs and Plaintiff Class Members, by using
`
`those Biometrics to prevent losses and/or improve the customer’s experience.
`
`56.58. Defendants: (a) never informed Plaintiffs or Plaintiff Class Members in writing or
`
`otherwise of the purpose for which they were collecting, capturing, obtaining, purchasing,
`
`
`
`14
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 16 of 57 PageID #:1711
`
`
`
`disclosing, redisclosing and disseminating the Biometrics of Plaintiffs and Plaintiff Class
`
`Members; and (b) never sought, nor received, a written release or other consent from Plaintiffs or
`
`Plaintiff Class Members or the respective authorized representatives of Plaintiffs or Plaintiff Class
`
`Members that allowed Defendants to collect, capture, obtain, purchase, disclose, redisclose and
`
`disseminate the Biometrics of Plaintiffs and Plaintiff Class Members.
`
`57.59. Further, Plaintiffs and Plaintiff Class Members never consented, agreed or gave
`
`permission – written or otherwise – to Defendants for the collection or storage of their unique
`
`Biometrics. Indeed, prior to the Biometric Database being publicized, Plaintiffs and Plaintiff Class
`
`Members had no idea Defendants were ever in possession of their photographs.
`
`58.60. Likewise, Defendants never provided Plaintiffs or Plaintiff Class Members with an
`
`opportunity to prohibit or prevent the collection, storage, use or dissemination of their unique
`
`Biometrics.
`
`The Injuries and Damages of Plaintiffs and Plaintiff Class Members
`
`59.61. As alleged herein, as a result of Defendants’ unlawful conduct, Plaintiffs and
`
`Plaintiff Class Members have already sustained injuries and face many more imminent and
`
`certainly impending injuries, which injuries they will continue to suffer.
`
`60.62. Defendants’ unlawful conduct has resulted in, among other things: (a) Plaintiffs’
`
`and Plaintiff Class Members’ unique Biometrics being collected, captured, obtained, purchased,
`
`disclosed, redisclosed and otherwise disseminated without the requisite notice having been given
`
`and without the requisite releases or consents having been obtained; and (b) Plaintiffs and Plaintiff
`
`Class Members being deprived of control over their Biometrics.
`
`61.63. To this day, Plaintiffs and Plaintiff Class Members do not know which, or how
`
`many, individuals or entities have received, obtained, purchased, received through trade, accessed,
`
`
`
`15
`
`

`

`Case: 1:21-cv-00135 Document #: 109-1 Filed: 06/25/21 Page 17 of 57 PageID #:1712
`
`
`
`stored, disclosed, redisclosed or otherwise made use of Plaintiffs’ and Plaintiff Class Members’
`
`Biometrics, exposing them to the imminent and certainly impending injuries of identity theft,
`
`fraud, stalking, surveillance, social engineering and other invasions of privacy.3
`
`62.64. As a result of Defendants’ misconduct, Plaintiffs and Plaintiff Class Members have
`
`no recourse for the fact that their biologically unique information has been compromised.
`
`Moreover, Plaintiffs and Class Members are likely to withdraw from biometric-facilitated
`
`transactions and other facially-mediated electronic participation.
`
`
`
`CLASS ACTION ALLEGATIONS
`
`63.65. Plain